‘Ifriends’ Users – A recent Target for Phishers

Security experts at Sophos report that phishers are now targeting iFriends, a videochat community to spread their e-mail scams. Over two million users visit the ifriends' site and many of the site's chatrooms are meant for adults. Though this is a new target for the phishing campaign, yet the content of the e-mail is typically standard that ask the recipients to update their information, where the information relates to very personal and secret ones.

The e-mail message says that the sender has come to know that the recipient's account information requires updating as part of the continuing commitment of the former to keep the latter's account safe and protected so that there are minimal chances of fraud on the sender's website. Therefore the recipient is requested to take 5-10 minutes off their surfing time to update his personal records so that he does not get into any future trouble with their online service. However, those who fail to update their records will find their accounts suspended. The update should be on or before August 27, 2006. It further adds that once the account records are updated the user's session will continue as normal without any interruption.

The e-mail sounds very convincing and well meaning for the users and so they are prompted to do as suggested in the e-mail. However, the e-mail links to a fake website that requests for private and sensitive details like credit card numbers and ATM pin codes.

Senior technology consultant for Sophos, Graham Cluley advises computer users to adopt practice of verifying unsolicited e-mail or they may run into risk of divulging their identities and inadvertently allow their money being stolen. He also mentioned that phishers simply don't aim to attack bankers but anyone who interacts with companies online.

While phishers trick e-mail recipients through online banking scams, they also have found something new to harm users, which may gain them substantially in future. As large numbers of people in large join online communities, measures need to be adopted that protect these users from phishers' targets. For one, they should apply adequate security products at their end to prevent themselves from attacks.

Related article: “Loopholes did not cause online banking thefts”: ICBC

» SPAMfighter News - 8/31/2006